Archive

Posts Tagged ‘6.0.2’

#Citrix #XenServer Multiple Security Updates released

February 27, 2013 Leave a comment

Severity: Medium

Description of Problem

A number of security vulnerabilities have been identified in Citrix XenServer. These vulnerabilities affect all currently supported versions of Citrix XenServer up to and including version 6.1.

The following vulnerabilities have been addressed:

• interrupt remap entries shared and old ones not cleared on AMD IOMMUs (CVE-2013-0153)

• oxenstored incorrect handling of certain Xenbus ring states (CVE-2013-0215)

• Linux netback DoS via malicious guest ring (CVE-2013-0216, CVE-2013-0217)

• Linux pciback DoS via not rate limited log messages (CVE-2013-0231)

What Customers Should Do

Hotfixes have been released to address these issues in all supported versions and update levels of Citrix XenServer. Citrix recommends that customers using Citrix XenServer identify and apply all the hotfixes that relate to their deployed versions.

Customers using XenServer with AMD CPUs that pass through PCI devices (e.g. using the GPU passthrough feature) should review the hotfix release notes below for more information relevant to their specific deployments.

Continue reading and download updates here!

//Richard

%d bloggers like this: